1 / 44

Faster Differentiation of Terrorists and Malicious Cyber Transactions from Good People and Transactions

Faster Differentiation of Terrorists and Malicious Cyber Transactions from Good People and Transactions. Peter P. Chen Foster Distinguished Chair Professor Computer Science Dept. Louisiana State University Baton Rouge, LA 70803, USA pchen@lsu.edu http://www.csc.lsu.edu/~chen.

Angelica
Download Presentation

Faster Differentiation of Terrorists and Malicious Cyber Transactions from Good People and Transactions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Faster Differentiation of Terrorists and Malicious Cyber Transactions from Good People and Transactions Peter P. Chen Foster Distinguished Chair Professor Computer Science Dept. Louisiana State University Baton Rouge, LA 70803, USA pchen@lsu.edu http://www.csc.lsu.edu/~chen

  2. Profiling of terrorists and malicious cyber transactions • Examples: 9-11, Airport Security, D.C. snipers, Louisiana serial killer, Ohio sniper, etc. • Current Problems: • Isolated Data • Questionable data • Little Mathematical Analysis • Algorithms (if any) are independent of (or incompatible with) data models

  3. Why Do We Study the Profiling Problem? • 9-11 • D.C. snipers • serial killers in Louisiana, California, etc. • Ohio sniper, etc. • Airport Security

  4. In any population, …

  5. Attributes (and “relationships) of bad guys • Black hair? • Beard/moustache? • Nationality: xxxx? • Has traveled to Country X three times?

  6. Using the fewest attributes to catch all the bad guys … • black hair • beard/moustache

  7. …also catches some good guys (casualties): • black hair • beard/moustache

  8. …also catches some good guys (casualties): • black hair • beard/moustache

  9. Goal: • Find the smallest number of attributes that will catch all the bad guys, but at the same time• Include as few casualties (good guys) as possible.

  10. Some good guys are more important than others

  11. Some bad guys are more important (to capture) than others

  12. Goal (more ambitious):• Find the smallest number of attributes that will catch as many, and preferably the more important bad guys,but at the same time• Include as few, and preferably the less important good guys, as possible.

  13. Problem -- Profiling of Terrorists and malicious cyber transactions • Current Problems: • Isolated Data • Questionable data • Little Mathematical Analysis • “Unscientific/Unproven” Methods • Algorithms (if any) are independent of (or incompatible with) data models • Solution: • Data “links” (“relationships”) • Info validity and conflict resolution • Optimization model & algorithms • Integration of data model and algorithms

  14. Solution Techniques for the Profiling Problem (I) – „New“ Concepts of ERM • Discovering „Links/Relationships“ from Data in Various Sources (such as DARPA‘s EELD Program) • „Auto“-construction of „Relationships“ • „Dynamically adjusting“ the weights of relationships • Validity/Credibility Analysis of Data • A Paper was published in InfoFusion 2001, Montreal • Algorithm was developed • Prototype developed • Also, developed machine learning algorithm

  15. Solution Techniques for the Profiling problem (II) – (a) Integration of ERM and Math Models, (b) Developing New Math Models & Algorithms • We Model the „profiling“ problem as a „generalized set covering problem“ • Start with the conventional definition of a „set covering problem (SCP)“ • Then, define a „weighted set covering problem“ • Finally, define a „generalized set covering problem“ • We have developed several efficient algorithms for solving this type of problems. Some of them are modified versions of the „greedy algorithm“ • Based on our tests, these new algorithms perform better than other algorithms in the SCP case • We have also obtained and proved some computational complexity bounds

  16. The Set Covering Problem (SCP)

  17. Notation

  18. SET COVERING PROBLEM (SCP) definition:

  19. Notation 2

  20. WEIGHTED SET COVERING PROBLEM (WSCP) definition:

  21. GSCP generalizes WSCP in three aspects: • Each SiS is associated with a weighted set WiW, where W = {W1, W2, … , Wn} and WiG, 1 ≤ i ≤ n, where G is a finite set. • Each element bB is weighted. • A combination of weighted elements of B with an additional factor  enables a relaxation of the covering requirement.

  22. GENERALIZED SET COVERING PROBLEM (GSCP) definition:

  23. Algorithms for GSCP

  24. Greedy Set Covering Algorithm (GSCA)

  25. .

  26. Generous Set Covering Algorithm (GSCGA)

  27. Algorithm Liability_1 Input: S, A, W, jN+ Output: cost 1. costc (Wj) Algorithm Liability_2 Input: S, A, W, jN+ Output: cost 1. costc (Wj) / d (Sj)

  28. Super Greedy (Generous) Algorithm

  29. Democratic Algorithm

  30. Comparisons of Different Algorithms

  31. Table notation

  32. Table 1. Outputs to instances of GSCP by various heuristic algorithms

  33. Table 2. Outputs to instances of SCP by various heuristic algorithms

  34. Table 3. Number of basic operations executed by the Democratic Algorithm using various configurations to solve instances of SCP

  35. Table 5. Output of the Democratic Algorithm using Balas/Carrera and Beasley’s algorithms

  36. Which Algorithm is the best?

  37. Near-Term Research Plans -- • Take advantage of LSU’s NCSRT, one of the largest training centers of emergency and anti-terrorism workers • Test the Models and algorithms with law enforcement agencies and other agencies • Test the data-model/math-model integration problems with real and quasi-real data sets

  38. Other Related Research Activities • Integration of conceptual models (ER model, etc.) with databases, math models • New Machine Learning Techniques • Trustworthiness of Data and Conflict Resolutions • (High and low-level) System Architecture and Cyber Security • Cost/Effective Assessments of Security Techniques -- Making real impacts!

More Related